join with security

spring-security/src/main/java/com/spring/security1/config/SecurityConfig.java

@@ -1,14 +1,22 @@
 package com.spring.security1.config;
 
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 
 @Configuration
 @EnableWebSecurity // 스프링 시큐리티 필터(SecurityConfig)가 스프링 필터 체인에 등록
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
+    @Bean
+    public BCryptPasswordEncoder encodePwd() {
+        return new BCryptPasswordEncoder();
+    }
+
+
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.csrf().disable();
@@ -19,7 +27,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                 .anyRequest().permitAll()
                 .and()
                 .formLogin()
-                .loginPage("/login");
+                .loginPage("/loginForm");
     }
 
 }

spring-security/src/main/java/com/spring/security1/controller/IndexController.java

@@ -1,12 +1,20 @@
 package com.spring.security1.controller;
 
+import com.spring.security1.model.User;
+import com.spring.security1.repository.UserRepository;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.ResponseBody;
 
 @Controller
+@RequiredArgsConstructor
 public class IndexController {
 
+    private final UserRepository userRepository;
+    private final BCryptPasswordEncoder bCryptPasswordEncoder;
 
     @GetMapping({"", "/"})
     public String index() {
@@ -33,22 +41,26 @@ public class IndexController {
         return "manager";
     }
 
-    @ResponseBody
-    @GetMapping("/login")
-    public String login() {
-        return "login";
+    @GetMapping("/loginForm")
+    public String loginForm() {
+        return "loginForm";
     }
 
-
-    @ResponseBody
-    @GetMapping("/join")
-    public String join() {
-        return "join";
+    @GetMapping("/joinForm")
+    public String joinForm() {
+        return "joinForm";
     }
 
-    @ResponseBody
-    @GetMapping("/joinProc")
-    public String joinProc() {
-        return "회원가입 완료!";
+    @PostMapping("/join")
+    public String join(User user) {
+        System.out.println(user);
+        user.setRole("ROLE_USER");
+        // 패스워드가 암호화 되지 않으면 시큐리티로 로그인 할 수 없음.
+        String rawPassword = user.getPassword();
+        String encPassword = bCryptPasswordEncoder.encode(rawPassword);
+        user.setPassword(encPassword);
+        userRepository.save(user);
+        return "redirect:/loginForm";
     }
+
 }

spring-security/src/main/java/com/spring/security1/model/User.java

@@ -0,0 +1,30 @@
+package com.spring.security1.model;
+
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import org.hibernate.annotations.CreationTimestamp;
+
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import java.sql.Timestamp;
+
+@Entity
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class User {
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private int id;
+    private String username;
+    private String password;
+    private String email;
+    private String role; // ROLE_USER, ROLE_ADMIN
+
+    @CreationTimestamp
+    private Timestamp createDate;
+}

spring-security/src/main/java/com/spring/security1/repository/UserRepository.java

@@ -0,0 +1,11 @@
+package com.spring.security1.repository;
+
+import com.spring.security1.model.User;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+// CRUD 함수를 JpaRepository가 들고 있음.
+// JpaRepository를 상속 했기 때문에 @Repository 어노테이션이 없어도 IoC된다.
+@Repository
+public interface UserRepository extends JpaRepository<User, Integer> {
+}

spring-security/src/main/resources/templates/joinForm.html

@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>회원가입 페이지</title>
+</head>
+<body>
+    <h1>회원가입 페이지</h1>
+    <hr/>
+    <form action="/join" method="post">
+        <input type="text" name="username" placeholder="Username"/> <br/>
+        <input type="password" name="password" placeholder="Password"/> <br/>
+        <input type="email" name="email" placeholder="Email"/> <br/>
+        <button>회원가입</button>
+    </form>
+</body>
+</html>

spring-security/src/main/resources/templates/loginForm.html

@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>로그인 페이지</title>
+</head>
+<body>
+    <h1>로그인 페이지</h1>
+    <hr/>
+    <form>
+        <input type="text" name="username" placeholder="Username"/> <br/>
+        <input type="password" name="password" placeholder="Password"/> <br/>
+        <button>로그인</button>
+    </form>
+    <a href="/joinForm">회원가입을 아직 하지 않으셨나요?</a>
+</body>
+</html>